The ransomware virus — which infects a computer and then encrypts its files, promising to decrypt them if a ransom is paid — crippled state-run infrastructure and major companies.

The exploit, dubbed ExPetr, takes advantage of a vulnerability in Microsoft’s Windows XP through 2008, and was also used for the WannaCry attack that happened in May. (North Korea has been identified as the likely source of WannaCry.)

EternalBlue was developed by the NSA over five years ago and remained secret until April, when a trove of NSA secrets were disclosed by a group known as the Shadow Brokers. NSA alerted Microsoft to the vulnerability in March and Microsoft has released a patch, however the patch depends on end-users making software updates, leaving those who are slow to update vulnerable to attack.